Privacy – POLICY Responsibility: Executive Management Implementation: March 2014 Application: Distribution: Approved By: 1 Triennial Review: March 2015 This policy applies to all Carinity employees, volunteers, clients, students, contracted agency staff, donors, business partners and online users. Executive Management, Line Management, Human Resources Chief Executive Officer POLICY Carinity will use all reasonable efforts to protect the privacy of individuals’ personal information and to comply with the obligations imposed by the Privacy Act 1988 (Cth) (Privacy Act), and the Australian Privacy Principles (APP). We will only collect personal information by lawful and fair means and will only collect personal information that is necessary for one or more of our organisation’s functions or activities. If it is reasonable and practicable to do so, we will collect personal information about an individual only from that individual. In meeting our obligations with respect to the privacy of our clients, we will acknowledge that people with vision or hearing impairments and those of culturally and linguistically diverse backgrounds may require special consideration. 2 SCOPE This policy applies to all Carinity employees, volunteers, clients, students, contracted agency staff, donors, business partners and online users. The Privacy Act and this Privacy Policy do not apply to acts or practices which directly relate to employee records of Carinity current and former employees. 3 PURPOSE The purpose of this policy is to:  ensure personal information is managed in an open and transparent way;  clearly communicate the personal information handling practices of Carinity;  protect the privacy of personal information;  provide for the fair collection and handling of personal information;  ensure that personal information we collect is used and disclosed for relevant purposes only;  regulate the access to and correction of personal information; and  ensure the confidentiality of personal information through appropriate storage and security. Csps.2.003 Page 1 of 3 Est. 07/11 Rev. Triennial Vers. 06/03/14 4 DEFINITIONS An Employee Record is a record of personal information relating to the employment of the employee. Examples of personal information relating to the employment of the employee are health information about the employee and personal information about all or any of the following:  the engagement, training, disciplining or resignation of the employee  the termination of the employment of the employee  the terms and conditions of employment of the employee  the employee’s personal and emergency contact details  the employee’s performance or conduct  the employee’s hours of employment  the employee’s salary or wages  the employee’s membership of a professional or trade association  the employee’s trade union membership  the employee’s recreation, long service, sick, personal, maternity, paternity or other leave  the employee’s taxation, banking or superannuation affairs Health Information is: a) information or an opinion about:  the health or a disability (at any time) of an individual;  an individual’s expressed wishes about the future provision of health services to him or her; or  a health service provided, or to be provided, to an individual that is also personal information; or b) other personal information collected to provide, or in providing, a health service; c) other personal information about an individual collected in connection with the donation, or intended donation, by the individual of his or her body parts, organs or body substances; or d) genetic information about an individual in a form that is, or could be, predictive of the health of the individual or a genetic relative of the individual. On-line users refers to anyone who accesses a Carinity website: http://carinity.org.au/ http://glendyne.qld.edu.au/ http://southside.qld.edu.au/ http://haraldshouse.com.au/ Personal information as defined in the Privacy Act 1988 is information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether true or not, and whether recorded in a material form or not. Unsolicited Information is all personal information received from an individual that we did not actively seek to collect. Sensitive information as defined in the Privacy Act 1988 is information or opinion (that is also personal information) about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade Csps.2.003 Page 2 of 3 Est. 07/11 Rev. Triennial Vers. 06/03/14 association, membership of a trade union, sexual preferences or practices, criminal record, health, genetic, biometric information or biometric templates. 5 5.1 LEGISLATIVE OBLIGATIONS Carinity is committed to complying with the obligations imposed on Carinity under all legislation relevant to the delivery of services to its residents including but not limited to: (a) Privacy Act 1988 (Cth), (b) Aged Care Act 1997 (Cth); (c) Records Principles 1997 (Cth); (d) Quality of Care Principles 1997 (Cth); (e) Information Privacy Act 2009 (Qld); (f) Child Protection Act 1999 (Qld); (g) Disability Services Act 2006 (Qld); (h) Community Services Act 2007 (Qld); (i) Retirement Villages Act 1999 (Qld); (j) Education (General Provisions) Act 2006 (Qld); (k) Education (Accreditation of Non-State Schools) Act 2001 (Qld); (l) Fair Work Act 2009 (Cth); (m) Fair Work Regulations 2009 (Cth); and (n) National Vocational and Education and Training Regulator Act 2011 (Cth) 6 RELATED DOCUMENTATION 6.1 Policies 6.2 6.4 (a) Complaints Management - Policy (b) Incident Reporting & Incident Investigation -Policy (c) Media Management - Policy Procedures (a) Privacy - Procedure (b) Complaints Management - Procedure (c) Incident Reporting & Incident Investigation - Procedure (d) Media Management - Procedure Internal Documents (a) Code of Conduct (b) Privacy Collection Statement (c ) Protecting the Privacy of Personal Information When Working Outside the Office -AC Csps.2.003 Page 3 of 3 Est. 07/11 Rev. Triennial Vers. 06/03/14